Member of Hacking Group LulzSec Arrested for June 2011 Intrusion of Sony Pictures Computer Systems

FBI Los Angeles
September 22, 2011

Public Affairs Specialist Laura Eimiller(310) 996-3343

LOS ANGELES—A member of the LulzSec hacking group was arrested this morning for his role in an extensive computer attack against the computer systems of Sony Pictures Entertainment, announced André Birotte Jr., the United States Attorney in Los Angeles; and Steven Martinez, Assistant Director in Charge of the FBI’s Los Angeles Field Office.

Cody Kretsinger, 23, of Phoenix, Arizona, was arrested this morning by FBI agents without incident. On September 2, 2011, a federal grand jury returned an indictment filed under seal in U.S. District Court in Los Angeles charging Kretsinger with conspiracy and the unauthorized impairment of a protected computer. The federal indictment was unsealed this morning upon Kretsinger’s arrest.

From approximately May 27, 2011, through June 2, 2011, the computer systems of Sony Pictures Entertainment were compromised by a group known as “LulzSec,” or “Lulz Security,” whose members anonymously claimed responsibility on LulzSec’s website. Kretsinger, also known by the moniker “recursion,” is believed to be a current or former member of LulzSec. The extent of damage caused by the compromise at Sony Pictures is under investigation.

According to the indictment, Kretsinger resided in Tempe, Arizona at the time the alleged criminal activity took place. In order to carry out the attack, Kretsinger allegedly sed a proxy server in an attempt to mask or hide his Internet Protocol (IP) address. The indictment alleges that Kretsinger and other coconspirators obtained confidential information from Sony Pictures’ computer systems using an “SQL injection” attack against its website, a technique commonly used by hackers to exploit vulnerabilities and steal information.

The indictment alleges that Kretsinger and his co-conspirators distributed the stolen information, including by posting the information on LulzSec’s website, and then announced the attack via its Twitter account. The indictment further alleges that, in order to avoid detection by law enforcement, Kretsinger permanently erased the hard drive of the computer he used to conduct the attack on Sony Pictures.

LulzSec is known for its affiliation with the international group of hackers known as “Anonymous.” Anonymous, according to the indictment, is a collective of computer hackers and other individuals located throughout the world that conduct cyber attacks, including the dissemination of confidential information stolen from victims’ computers, against individuals and entities they perceive to be hostile to its interests.

In the recent past, LulzSec has been linked to the hacking or attempted hacking of numerous targets, including various websites that represent governmental or business entities, among others.

Kretsinger will make an initial appearance before a federal magistrate in U.S. District Court in Phoenix today. The government will request that Kretsinger be removed to Los Angeles, the district in which he was charged, to face prosecution. If convicted, Kretsinger faces a statutory maximum sentence of 15 years in prison. This investigation was conducted by the Electronic Crimes Task Force (ECTF) in Los Angeles. The ECTF is comprised of agents and officers from the FBI, United States Secret Service, Los Angeles Police Department, Los Angeles County Sheriff’s Department, United States Attorney’s Office, Los Angeles County District Attorney’s Office, and the California Highway Patrol.

This case is being prosecuted by the United States Attorney’s Office in Los Angeles.

An indictment merely contains allegations that a defendant has committed a crime. Every defendant is presumed innocent unless and until proven guilty at trial.